Freely subscribe to our NEWSLETTER

Feras, in short, what is Quantum Computing?

’Quantum Computing is a computer that is built out of cubits, and is an extraordinarily powerful machine, it is a revolution, it is the gamechanger in terms of computer processor power. But it has limitations. Quantum computers can only run for about a minute. The more cubits you add to it the more unstable it becomes. But it has the capability to resolve highly complex mathematical problems. As in the most complicated possible, and in a fraction of the time it would take a current computer.’

How will this impact society and business as we know it?

’A mathematical problem that would take 100 professors 10 years, can now be done in 2 minutes. This will significantly impact the way the world operates. Be it medical research or understanding the universe there are so many things that we use maths for, and maths is the basis of all that we do as a society.

But there is a byproduct to quantum computing. In that it will make our current encryption, the encryption that we have on all our websites, applications, internal and external apps, and anything that is encrypted, which is most things, it has the potential to negate all of it, removing security.’

What does that mean for Cyber Security?

’As a security company, SecurityHQ, quantum computing is not necessarily a problem we need to solve, but we do need to be extremely aware of it, and start making steps towards that, to understand it more.

It sounds like a real action movie, but within the quantum computing space Q-Day is the term used to describe the day when computers will be able to crack any encryption algorithm, and this will be the day that somebody has the passwords to everything.

This rapid growth is not too dissimilar to the very rapid development of AI in the last 6 to 9 months. AI has been around since the 90s, but very much in infancy. Only in the last 6 months has AI expanded significantly, and we believe that Quantum computing is about to take that same step where people will be able to access it in a functional state.

A byproduct of that is that all known encryptions will become negated. Which is a huge statement for me, as a cyber security expert to say. The Quantum Computing experts are saying 2025, today is 2024, so it is very close, but how that will be replicated across we do not know at this stage.’

IBM state that ’In 2025, we will enhance the quality of quantum circuits [...] and quantum communication to demonstrate the first quantum- centric supercomputer.’ In light of this quote, what are the signs that you look for?

’The tech press will be the first to lead with this. Where we are with the race of quantum computers, there are several players. You mentioned some of the big players, IBM, Google, Microsoft, etc, they are close to building their quantum computer. But China is investing billions on quantum, on average of 24 billion US dollars a year, and already have quantum computers.’

Who do you predict will be impacted by this first?

’What I estimate is that the first people who will start being affected by quantum computing are those with crypto wallets and crypt currency, because that is an easy target. If you steal bitcoin etc, you can make billions, and they are untraceable, and there is no police force. So, I would watch the crypto wallets first.

I would also note that a lot of the crypto wallets are now becoming quantum proof, they are changing the algorithms of the source code. As are messaging services and apps.

Every organisation will soon start asking ’are my applications, gateway, website, email quantum proof’? That would be the next challenge.

What are SecurityHQ’s Steps Going into This?

’Right now, we are at such an early stage it’s more about education. Education within the business. Understanding how we are going to support our clients. And it’s not like any security company will have the answer here. We as a company have our own CRM systems, we use a bunch of organisations, and businesses use third-party software. That means that third parties must be quantum proof as well. And all companies, and all governments are going to have to start getting real about this.

As an individual there is not much you can do, as you are just relying on third party applications, so the applications you use in your day-to-day life, that is not down to you to security proof that. It’s up to you to maintain your passwords, and where you go and what you do with your accounts, but the applications don’t belong to you.

But for companies, such as us, the internal applications, and websites that we build and own, and the source code that we use, we will have to re-look at those algorithms and create test beds for them to start applying across our applications.

The challenge for businesses is understanding where their data is, what it is sitting on. We know that challenge within our own customer base. But there is time to understand where the data is, educate ourselves around this problem and conduct a business case and risk assessment. That is where businesses need to start, and where our journey will start.

This is a nuclear impact. If someone gets your encryption and passcodes there is no way round that. I want to remind people that a lot of us out there, including SecurityHQ, have a duty to care about the 3rd party data that we have. Going into quantum computing makes this element a legal minefield, because if all the passwords are opened up, but you still legally have a duty of care to protect the data of your customers/and third parties, this will affects allot of businesses out there.

In the eyes of the law, ignorance is not an excuse, and it never has been and never will be.’

What would Be Your Advice to CISOs and IT Leaders heading into 2025?

’There is a heap of information out there on quantum computing. You can learn an awful lot from YouTube. The more awareness and conversations we can have on the topic, the better. It’s getting started, that’s the hard part. But really, it’s simply changing certain parts of the algorithm, and if you get the right expertise on it, it’s not that difficult.

But you can’t go into it on day one, you really need to look at it, get an understanding of it, learn about the potential impact, and understand what applications you use internally and externally.

And just start making small changes. Start talking to your third parties, ask them if they are quantum proof, have they done an impact/risk assessment etc.?’

Threat Intelligence for the Future

SecurityHQ’s Threat Intelligence team is a cohesive global unit dedicated to Cyber Threat Intelligence. Their team is focused on researching emerging threats, tracking activities of threat-actors, ransomware groups, and campaigns, to ensure that they stay ahead of potential risks. Beyond their investigative work, the Intelligence team provides actionable threat intelligence and research, enriching the understanding of SecurityHQ’s customers worldwide. United by a common commitment, the SecurityHQ Threat Intelligence team delivers the insights needed to confidently navigate the intricacies of the cyber security threat landscape.